Wednesday, July 22, 2009
very good Wake-Up Alram software
I came across with a very good Alarm software which works if you PC/laptop gooes to standby mode. Also it you can set a newspaper wherein in the early morning you can see the Newspaper when the Alarm rings. You can set your own music for the a an alarm ring.
I would like you to try the same.
Thursday, February 26, 2009
Migrating Global Address List from Exchange 2003 to Exchange 2007 Cross-Forest
Following are the steps to migrate an Exchange 2003 Global Address List to an Exchange 2007 Organization Cross-forest. The important thing is that there is no physical connectivity between both the forests/organizations. These are 2 independent entities between which no Trust or Synchronization can be established.
Step 1: Use the CSVDE command to export the users or contacts into a .CSV file.
csvde -r "(objectClass=User)" -d "ou=testou,dc=ad,dc=testdomain,dc=co,dc=jp" -l displayName,mail,proxyAddresses,targetAddress,mailNickname -f c:\userlist.csv
Note – If you need to export contacts from Active Directory you need to change the objectClass=user to objectClass=Contacts.
All the attributes like
“displayName,mail,proxyAddresses,targetAddress,mailNickname” are necessary to export mail enabled users and contacts.
STEP 2: Take the userlist.csv file to the other Forest/Exchange Server.
STEP 3: Open the file in an Excel Sheet.
- Insert a new column after the displayName. Name the column as objectClass. Enter the value into the column as User or Contact in front of each Object Exported
If you do not add “objectClass” as a column the CSVDE import command fails with the following error
"error reading attribute list"
- Rename the column header Mail with targetAddress.
At this point we need to change the DN name to the one of your domain.
In our scenario the DN name was “dc=ad,dc=testdomain,dc=co,dc=jp” and we had to change it to “DN=newdomain,DN=com”. Use the replace all option in Excel to replace “dc=ad,dc=testdomain,dc=co,dc=jp” to “DN=newdomain,DN=com”.
We had the exported users in different OU’s.
Example
CN=User1,OU=testou,DC=newdomain,DC=com
CN=User2,OU=testou, DC=newdomain,DC=com
When you run the CSVDE command to import the userlist.csv file it fails with the error that it cannot find the OU’s in active directory.
We used the following Excel Formula to convert the entries without OU’s
=CONCATENATE(LEFT(A2,SEARCH("OU",A2,1)-1),RIGHT(A2,LEN(A2)-SEARCH("DC",A2,1)+1))
The above command changed the following
CN=User1,OU=testou, DC=newdomain,DC=com
TO
CN=User1,
NOTE – This would import all the entries under the domain name in Active Directory Users and Computers. You can then move the objects in OU’s as you require.
STEP 4: Run the following command to import the modified .CSV file in the command prompt
C:\> CSVDE –i –f <location of userlist.csv>
NOTE – Once you run this command you should ideally see all the objects in the GAL. But it does not do that in Exchange 2007. The reason being that the GAL in Exchange 2007 has different attributes.
STEP 5: Once you import the file into an Exchange 2007 Org.
Go to Exchange Management Console > Recipient Configuration > Mail Contact
You will see all the objects in there if you have imported them as contact objectClass. If you have imported them as users you see them under
Exchange Management Console > Recipient Configuration > Mailbox
You wont be able to see the contact/users in the GAL until you uncheck and check the “Automatically update e-mail addresses based on e-mail address policy”.
Make sure that you have an External E-mail Address for all the users/contacts. If not then you need to create a new Recipient Policy to set External E-mail Addresses for all of them and apply the policy.
You will have to make all the users mail enabled in order to show all the users/contacts in to the Global Address List.
The shell command to make the contacts mail enabled is ‘set-mailcontact’.
NOTE: In our case all the objects that were imported were contacts. Hence we used the ‘set-mailcontact’ shell cmdlet to mail enable the contacts.
Please refer to the following link for more information on the Exchange Management Shell cmdlets
http://technet.microsoft.com/en-us/library/aa995950.aspx
STEP 6: We need to write a script in order to make bulk contacts mail enabled ( In our scenario we have more that 5000 contacts to be mail enabled).
Following was the script written ‘addcontact.vbs’
========================================================
Set WShell = Wscript.CreateObject("Wscript.Shell")
set objFSO = CreateObject("Scripting.FileSystemObject")
set objFile = objFSO.Opentextfile("alias.txt",1)
do while objfile.AtEndOfStream = false
strline = objfile.Readline
if strline = "" then
'do nothing
else
wshell.run "powershell.exe" & " -PSConsoleFile" & " exshell.psc1" & " set-mailcontact" & " " & strline
wscript.sleep(10000)
'msgbox "powershell.exe" & " -PSConsoleFile" & " exshell.psc1" & " set-mailcontact" & " " & strline
End if
==========================================================
This should show all the contacts/users in the Global Address List now.
How to install Root Certificate on Mac
Installing root certificate in Mac OS X
Double-click the .cer file to open the Keychain Access application.
In the Add Certificates dialog box, on the pop-up menu, click X509 Anchors, and then click OK.
If you are asked to provide a name and password, use the administrator credentials.
Click View Certificates to verify the details of the certificate
Quit, and then restart Entourage.
Installing root certificate in Mac OS X v10.5
Double-click the .cer file to open the Keychain Access application.
In the Add Certificates dialog box, on the pop-up menu, click login, and then click OK.
If you are asked to provide a name and password, use the administrator credentials.
Click View Certificates to verify the details of the certificate
Quit, and then restart Entourage
Wednesday, February 25, 2009
Installation of Blackberry Server 4.0
This article guides you to install the Blackberry Server on Windows 2003
Following prerequisites are required for BlackBerry Enterprise Server 4.1.4 installation:
1. Windows 2003 Server Standard with SP2 installed.
2. Exchange 2003 System manager installed and patched to the service pack level of Exchange Server i.e. Service Pack 2.
3. MSDE installed for BlackBerry Management Module.
4. JRE 1.4 for Mobile Data service.
5. BlackBerry User License pack.
6. SRP Identifier.
7. SRP Authentication key.
8. BlackBerry Service account which has Local Administrator access, Log on as service, Logon Locally rights on the machine and at least View only Administrator access to Exchange with a Mailbox associated with the account.
Note: Service account BEPADMIN is created.
9. Out bound connection to the BlackBerry Infrastructure on TCP port 3101.
Installation Procedure
1. Configure the BlackBerry service account with the above-suggested settings.
2. Log on to the BlackBerry server with the service account, run the Setup.exe from BlackBerry 4.1.4 Media.
8. Change the Location for Installation and Log file folder to E Drive and click
13. Log in to server using service account “BEPADMIN,” and wait for the setup program to start automatically.
a. In the Mailbox field, type the name of the mailbox for the service account.
b. Click Check Name to verify the information.
c. In the confirmation dialog box, click
Thursday, October 2, 2008
How to Implement RSA Authentication with Nortel Contivity VPN Gateway
This article describes how to implement RSA authentication for Nortel Contivity VPN Gateway
Requirements
- RSA server (Windows platform)
- Nortel Contivity VPN Gateway
Note: This article assumes basic RADIUS knowledge and familiarity with the Nortel Contivity VPN.
This article describes the RADIUS integrations with RSA and how to enable the RSA authentication for VPN users.
- RSA version 6.1, which is shipped with the Steel-Belted Radius (SBR) server component
Procedure
RSA server configuration steps
Note: If the RSA RADIUS Server component is not installed, consult the RSA RADIUS Server 6.1 Administrator’s Guide for further instructions
- On the RSA server, go to Start > Programs > RSA Security and launch RSA Authentication Manager Host Mode. The RSA Authentication Manager 6.1 Administrator window opens.
- Go to RADIUS and choose Manage RADIUS Server in the drop-down menu.
The RSA RADIUS -- Powered by Steel-Belted Radius (RSA) window opens. - In the right pane of the RSA RADIUS window, right-click RADIUS Clients and click Add. The Add RADIUS Client window opens.
- Provide the following configuration settings:
Name: Type the name of the Nortel VPN Box (If there is no hostname assigned to the VPN box then add the same in the host file of the RSA Server)
Description: Type a description (not mandatory).
IP Address: Type the Nortel Contivity VPN Box IP address.
Shared secret: Type the shared secret between Nortel Contivity VPN Box and the RADIUS server.
Make/model: Choose - Standard Radius - from the drop-down menu. - Click OK. The Add RADIUS Client window closes.
- Close the RSA RADIUS – Powered by Steel-Belted Radius (RSA) window.
- In the RSA Authentication Manager Host Mode window, click Agent Host and choose Add Agent Host.
- Configure the following settings for your Nortel Contivity device:
Name: Provide the Fully Qualified Domain Name (FQDN) of the Nortel Contivity VPN device. After providing the FQDN, press the TAB key and the Network address field should populate itself.Network address: If this field does not populate itself, provide then add the FQDN in the host file of the RSA Server
Agent Type: Select Communication Server.Select the Open to All Locally Known Users check box. If not all the users imported on the RSA server are allowed, click User Activations... and import the users that are allowed to authenticate through the Nortel Contivity.
Note: By Default the Agent Host for the RSA Server will be created and configured as RADIUS Server after installation of RADIUS component. But in case if it is not created please create the same as below - If not already present, create an Agent Host entry for the RSA server itself. Refer to the following screen shot:
10. Configure the following settings for your RSA server:
Name: Provide the FQDN of the RSA server. After providing the FQDN, press TAB and the Network Address window should populate itself.
Network Address: If it does not self-populate, provide the IP address of the RSA server.
Agent Type: Select RADIUS Server.
Additional configuration steps on the RSA server
1. Import users (through Lightweight Directory Access Protocol (LDAP) synchronization) or create local users.
2. Assign token to users.
3. Consult your RSA product documentation for more information on how to finalize the RSA server configuration.
Nortel Contivity VPN Router configuration steps
Enabling Support for RSA SecurID Authentication
- Using an Internet Browser, connect and login to the Nortel VPN Router Administration Console.
- Enable RSA SecurID authentication via RADIUS (Services > IPSec > RADIUS Authentication).
VPN Router Supported Authentication Types
- The Nortel VPN Router supports RSA SecurID Authentication of users via Radius only. This is configured in the Servers > Radius Authentication page of the CES Web management interface.
- Check the box at the top of the screen that reads Enable Access to RADIUS Authentication.
- Under the Server-Supported Authentication Options section, click the checkbox to enable support for Response Only authentication.
4. In the RADIUS Servers section, fill out the info required making sure the box labeled Enabled is checked next to each server available to the Nortel VPN Router for authentication.
RADIUS Group Configuration
Any user seeking RADIUS authentication must belong to a group specified by a group ID and password, configured in the Profiles > Groups > Edit > IPSec > Authentication > Configure page. This is a two-step process where (1) the Nortel VPN Router authenticates the remote user with RSA SecurID tokens, and (2) the client uses the Group ID and Group Password to authenticate the Switch's identity.
- Click to enable the RSA SecurID token security authentication.
- Enter the Group ID and Password to provide access to the Nortel VPN Router from the client.
Friday, September 12, 2008
Monday, September 8, 2008
Webcasts on MS Exchange 2007
TechNet Webcast: Getting Started with Microsoft Exchange Server 2007: Simple Installation, Setup, and Administration Scenarios (Level 200)
https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032345492&culture=en-gb
TechNet Webcast: High Availability in Exchange Server 2007 SP1 (Part 2 of 2): Disaster Recovery and SCR Deep Dive (Level 300 to Level 400)
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032381322&Culture=en-US